Pragma FortressSSH uses the proven RSA or DSA public key cryptography, supports multiple encryption algorithms, ciphers, and 9 levels of compression.
RSA is a popular public key algorithm developed by Rivest, Shamir, and Adleman. It bases its algorithm on the difficulty of factoring large prime numbers. The public key system uses 2 keys, a public key and a private key. One for encryption and one for decryption.
The SSH2 protocol of Pragma Fortress supports the Digital Signature Algorithm (DSA) public key generation for authentication. The DSA algorithm uses a 1024-bit host key to authenticate the host, and a 768-bit server key, regenerated every hour. The keys are exchanged using the Diffie-Helman algorithm.
Pragma FortressSSH supports AES128, AES192, AES256, Blowfish, 3DES, Arcfour, and CAST128 ciphers. Ciphers are divided into types, block and stream. Block ciphers transform data in blocks, where stream ciphers transform the data bit-by-bit. The cipher is requested by the client. If none is specifically requested Pragma FortressSSH prefers AES128.
AES (Advanced Encryption Standards) is a new standard adopted by US Government which will replace DES/3DES. AES is also known as Rijndael encryption algorithms and are very fast. AES128, AES192, AES256 uses 128, 192 or 256 bits respectively as the cipher length.
Blowfish is a symmetric key block cipher designed by Schneier that uses a variable length key and a 64-bit block. Using a Feistal network, the data is passed through the encryption function 16 times. The key can be any length from 32 to 448 bits. Blowfish is a fast cipher.
Data Encryption Standard (DES) and Triple DES (3DES) were 2 of the first algorithms available. They were created by the US National Security Agency, in the early 1970's. They have been susceptible to cryptanalysis, so are not recommended if other algorithms are available.
CAST-128 is a DES-like encryption algorithm which has good resistance to differential cryptanalysis, linear cryptanalysis, and related-key cryptanalysis.
Arcfour is a symmetric stream cipher based on RC4 and SHA-1. This is a low security cipher.
Compression can be used to decrease the size of the packets sent from client to server. This will improve performance on slow lines, such as modems, but will not show much performance improvement on fast networks. The compression level can be anywhere from 0 to 9, with 6 as default, but compression is not used at all unless requested.